►
From YouTube: Opening Keynote: An Update on Sealed Rust
Description
James Munns from Ferrous Systems discusses updates on Ferrous System's Sealed Rust project to qualify the Rust Programming Language for mission and safety critical applications, including industrial, automotive, and avionics use cases.
Interested in Sealed Rust? Reach out to use at sealed-rust@ferrous-systems.com!
A
All
right
well
we're
going
to
go
ahead
and
get
started
with
the
keynote
thanks
for
everyone
for
watching
through
our
introduction.
So
I
want
to
start
my
keynote
with
an
updated
seal
dress,
so
reminder
for
anyone
who
missed
the
first
couple
minutes.
I'm
james
muns
from
ferris
systems
and
ferris
systems
is
a
consultancy.
That's
been
working
on
improving
the
state
of
rust
in
industry,
particularly
in
this
case,
for
the
embedded
systems
industry.
A
So
last
year,
just
after
oxidize,
we
announced
our
intention
to
work
on
sealed
rust.
It
actually
came
out
of
a
lot
of
the
discussions
that
happened
in
person
at
oxidized
last
year,
so
we
were
able
to
meet
with
a
lot
of
people
who
were
interested
or
already
looking
at
using
rust
across
safety,
critical
industries
and
in
higher
levels
of
criticality
for
their
business.
A
So,
since
we
put
out
that
initial
blog
post
about
a
year
ago,
we
spent
the
last
year
talking
to
a
lot
of
companies
in
industry.
So
we
we've
spoke
with
people
who
are
engineering
people
at
these
individual
companies.
Companies
who
are
technology
leads
or
ctos
of
these
companies
or
people
who
are
interested
in
making
rust
a
part
of
their
offering.
We've
spent
this
last
year,
really
refining
the
technical
plan.
What
would
it
take
to
bring
rust
into
these
industries,
whether
it's
a
mission,
critical
industry
or
a
safety
critical
industry?
A
So
we've
been
working
on
making
sure
that
we
have
the
right
technical
offerings
and
what
we
would
need
to
do
to
help
rust
enter
those
markets.
We've
also
been
working
on
our
business
plan.
How
can
we
make
sure
that
we
have
the
right
people
and
the
right
funding
to
bring
all
of
these
efforts
to
completion?
A
We
see
there
being
a
fair
amount
of
work
to
do
and
that's
something
that
we
didn't
want
to
push
on
open
source
contributors.
We
see
this
as
being
rightly
done
by
companies
with
funding
and
paid
for
by
the
companies
that
would
benefit
for
this,
because
it's
something
that
is
useful
to
a
lot
of
people,
but
generally
the
most
useful
to
niche
industries
like
mission,
critical
services
and
safety
critical
services.
A
So
what
we
saw
as
the
important
parts
that
differ
from
what's
offered
from
rust.
The
programming
language
today
is
to
formalize
a
subset
of
the
rust
programming
language.
So
we
think
that
it's
important
for
these
industries
to
make
sure
that
there's
a
part
of
the
rust
programming
language
that
has
very
specific
semantics
in
terms
of
what
the
language
offers
and
what
that
means
in
practice.
Either
at
compile
time
or
run
time
so
that
people
can
make
these
stronger
guarantees
on
what
their
programs
will
do
and
what
their
programs
won't
do.
A
We
also
think
it's
important
to
come
up
with
a
stabilized
version
of
the
compiler
output,
so
this
is
important
for
two
main
reasons.
So
we
see
people
using
rust
and
wanting
to
be
able
to
analyze
what
their
programs
are
doing
and
for
this
it
means
that
they
need
to
have
an
input
to
their
programs
that
they
can
use
to
make
assumptions
and
do
analysis
on
this.
A
So
they
need
some
kind
of
stabilized
output
from
the
compiler
that
allows
them
to
build
these
reliable
analysis
tools
to
make
stronger
guarantees
on
what
their
programs
are
going
to
be
doing.
We
also
need
a
stabilized
compiler
output
for
different
compiler
back
ends
over
the
past
year
or
so
rust
has
been
growing
their
second
compiler
back
end.
A
A
It
also
means
especially
for
safety,
critical,
a
lot
of
paperwork,
there's
a
lot
of
documentation
and
verification
that
needs
to
go
into
making
a
safety,
critical,
compiler
offering
and
that's
a
lot
of
work.
That
really
is
different
from
the
kind
of
work
that
you
typically
do
for
an
open
source
project.
So
we
want
to
make
sure
that
we
have
the
ability
to
do
all
of
that
paperwork
to
submit
these
to
the
kind
of
organizations
that
are
going
to
be
doing.
A
So
I've
been
mentioning
the
phrases,
mission,
critical
and
safety
critical.
A
lot
we've
been
generally
from
talking
to
a
lot
of
these
users
that
want
to
use
rust
in
new
areas.
We've
found
that
they've
generally
fallen
into
one
of
two
categories.
The
first,
which
we
call
mission
critical,
are
the
kinds
of
people
who
are
building
services
for
their
business
that
have
a
lot
of
money
and
business
reliability,
constraints
riding
on
it.
These
are
people
who
are
providing
cyber
security
systems,
large-scale
infrastructure,
highly
reliable
systems
that
are
built
using
rust.
A
We
found
a
lot
of
these
companies
have
already
started
using
rust
in
one
way
or
another,
but
as
users
of
the
rust
programming
language,
they
want
the
highest
level
of
confidence
available
for
their
tools.
In
particular,
the
mission
critical
folks
want
to
have
the
most
insight
possible
for
analyzing
what
it
means
to
have
a
correct
rust
program.
This
goes
back
to
that
stable
output
that
I
mentioned,
where
they're
either
building
tools
in-house
to
do
some
kind
of
formal
analysis
or
they're
looking
to
purchase
third-party
tools
that
do
this
kind
of
analysis.
For
them.
A
These
are
industries
that
don't
necessarily
have
a
regulator
telling
them
what
they
can
and
can't
use.
But
as
a
business,
they
want
to
make
sure
they're
minimizing
risk
as
much
as
makes
sense.
As
I
mentioned,
these
are
our
infrastructure
provided
people
who
are
providing
hosting
for
millions
of
people
or
routing
and
network
infrastructure
for
millions
or
even
billions
of
people,
and
we
want
to
make
sure
that
these
mission,
critical
uses
users
are
just
as
well
supported.
A
Safety
critical
was
the
use
case
that
we
originally
had
in
mind
for
sealed
rust,
and
we
realized
that
there's
a
lot
of
interlink
in
here,
but
there's
a
little
bit
of
slight
difference
between
mission,
critical
and
safety,
critical
users.
We
found
that
over
the
past
years,
there's
a
lot
of
safety,
critical
users,
people
building
embedded
systems
that
have
to
do
with
keeping
people
safe
and
they've,
actually
already
in
many
cases,
already
been
doing
the
analysis
to
see
whether
that
rust
could
provide
some
kind
of
benefit
to
their
business.
A
Most
of
these
people
that
we've
talked
to
have
come
away
with
a
positive
look
at
rust
as
a
potential
tool
for
safety
critical
applications.
However,
they
need
tools
that
are
suitable
for
a
slightly
different
product
cycle.
People
in
safety
critical
often
offer
their
tools
and
applications
for
10
to
20-year
product
cycles,
which
means
they
really
need
to
have
a
lot
of
confidence
in
their
tools.
They
also
do
have
a
regulator
typically
constraining
what
they
can
use
and
making
sure
that
they're
only
using
tools
that
are
suitable
for
the
application.
A
A
So
we
really
see
sealed
rust
being
a
a
step
forward
for
the
industry,
both
from
a
technical
and
a
developer,
conspiring
perspective.
So
for
the
folks
that
are
in
the
room,
you're,
probably
already
familiar.
What
kind
of
things
rust
offers
you,
but
from
a
technical
perspective,
we
really
see
rust
being
a
language
that
offers
best-in-class
safety
features,
while
still
giving
you
compile
time
control
of
your
performance
and
resources.
A
We
see
this
being
a
huge
benefit
for
these
mission
and
safety
critical
industries,
because
they
can
use
one
programming
language,
whether
they're
developing
secure
server
application,
constrained,
embedded
systems
or
even
mobile
devices
in
application.
At
the
end
of
the
day,
from
a
technical
perspective,
we
really
think
rust
and
sealed
rust
can
help
deliver.
A
That's
been
publicly
spoken
about
as
a
language,
that's
been
loved
by
developers
as
well
as
engineering
organizations
for
the
last
five
years
in
a
row
now
rust
has
been
stack,
overflow's,
most
loved
language
and
almost
every
big
household
technology
name
has
spoken
publicly
or
a
little
privately
about
their
use
of
rust,
including
google
apple,
mozilla,
facebook,
dropbox,
microsoft,
intel.
The
list
is
really
only
growing
and
it's
been
really
great
to
see
the
industry
uptake
of
rust
everywhere
from
server
side
systems
to
beginning
to
be
now
embedded
applications
as
well.
A
A
So
I
really
want
to
point
out
one
of
these
in
particular
that
I
mentioned
here
that
70
of
microsoft's
security,
vulnerabilities
2004
to
present
were
due
to
memory
safety,
and
this
is
a
number
we
keep
seeing
over
and
over
and
over
again,
chrome
has
released
a
study
that
showed
that
70
or
so
of
their
defects
were
due
to
memory
safety
and
there's
been
an
analysis
of
apple's
cves
from
some
of
their
os
x
releases.
That
really
reiterates
that
70
number.
A
So
this
is
a
number
that
we're
really
not
going
to
see
change,
because,
despite
all
the
best
practices
from
some
of
these
best-in-class
engineering
organizations,
these
kind
of
problems
really
keep
happening.
So
it's
time
to
really
step
back
and
address
these
fundamentally
using
a
language
like
rust,.
A
We've
been
working
over
the
last
year
on
establishing
partnerships
with
qualified
compiler
vendors,
particularly
for
the
safety
critical
application
to
make
sure,
as
I
said,
that
you're
not
introducing
a
wholly
brand
new
tool
into
your
organization.
But
instead
you
can
begin
using
rust
with
your
existing
qualified
compiler
vendors,
we've
partnered
with
green
hills,
software
to
be
our
first
person
that
we're
moving
forward
to
investigate
what
it
will
take
to
get
a
qualified
compiler
ready
for
applications
like
asl
b
in
the
automotive
industry
and
even
looking
at
higher
levels
of
criticality
and
other
industries.
A
We're
also
talking
with
even
more
qualified
compiler
vendors
and
hope
over
the
next
months
and
years
to
be
able
to
support
more
and
more
qualified
compilation
tool
chains.
To
make
sure
that
you
really
can
use
rust
in
the
way
that
you're
already
developing
safety
critical
software.
Today,
we're
also
looking
at
establishing
our
first
partnerships
with
customers,
some
of
them,
particularly
in
the
automotive
industry,
we're
already
talking
with-
and
we
hope
to
be
able
to
talk
about
that
publicly
here
in
the
future.
A
A
So
we
see
this
milestones
being
over
between
now
and
the
end
of
the
year
establishing
these
partners,
partnerships
with
either
compiler
companies,
potential
customers,
silicon
vendors
and
anyone
building
tools
that
has
to
do
with
around
rust
we're
looking
to
be
establishing
those
partnerships
between
the
end
of
this
year.
A
Between
now
and
the
end
of
next
year,
then
we're
really
hoping
to
kick
off
the
technical
focus
between
then
and
about
18
months
till
we
can
offer
our
first
version
of
mission,
critical,
sealed
rust
around
the
middle
of
2022
and
then
hoping
to
have
our
first
safety
critical,
qualified
version
of
sealed
rust
safety
critical
by
the
end
of
the
year
2023.
A
So
if
you're
interested
in
using
rust
sometime
in
these
milestones,
definitely
make
sure
that
you
reach
out
to
us
if
you're
interested
in
sealed
rust
and
we've
already
been
talking
to.
You
definitely
make
sure
you
keep
talking
to
us
and
let
us
know
what
you're
interested
in,
but
if
you're,
if
you
haven't,
talked
to
us
yet
and
you're
interested
in
being
an
early
customer
or
an
early
partner
in
sealed
rust,
make
sure
you
send
us
an
email
at
sealedrust
ferrissystems.com.
A
That's
sealed
dash
rust
at
ferris
systems,
dot
com
and
we'll
get
in
touch
with
you
and
make
sure
you're
in
the
loop
with
all
of
these
developments
as
they
go
so
now
enjoy
the
conference,
make
sure
you
keep
an
eye
on
both
the
chat
and
the
stream
and
we're
gonna
go
to
break
now
before
we
start
our
first
talk.
So
thank
you
all
very
much
for
being
here
and
being
a
part
of
oxidize.